This one time, at band camp, Thomas Bushnell BSG said: > Stephen Frost <[EMAIL PROTECTED]> writes: > > > * Thomas Bushnell BSG ([EMAIL PROTECTED]) wrote: > >> Stephen Frost <[EMAIL PROTECTED]> writes: > >> > >> > Leaving around unused accounts is plainly wrong too, and also a > >> > potential security risk. > >> > >> Can you outline the risk please? > > > > Sure. Locking accounts isn't necessairly perfect. > > What is an account in the password file? It's nothing more than the > ability to log in under a given UID. How is a starred password > anything other than perfect locking of the account?
Many authentiaction systems do not use pam or shadow authentication. That's the point of the counter argument. I remember setting up ssh authorized keys for uucp, and that is a locked account (of course the command set and the host range was limited, but you see the point). -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
